Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/8e80af-2d64-4784-8115-c5cefd98f621/1/7Jx0Wa9SamgrS1fXTEfMWZDdlQU.roa
File: 7Jx0Wa9SamgrS1fXTEfMWZDdlQU.roa (raw, json)
Hash identifier: Kb6LSPZme+mgw8sNJuBQ4YjJ1vJRE0HsTPwKBNfWnO0=
Subject key identifier: EC:9C:74:59:AF:52:6A:68:2B:4B:57:D7:4C:47:CC:59:90:DD:95:05
Certificate issuer: /CN=46af6ca33534b8530b9f214ec8ea93dd25bd1fcf
Certificate serial: 018CC349297196BE65164A36A53204287142
Authority key identifier: 46:AF:6C:A3:35:34:B8:53:0B:9F:21:4E:C8:EA:93:DD:25:BD:1F:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rq9sozU0uFMLnyFOyOqT3SW9H88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/8e80af-2d64-4784-8115-c5cefd98f621/1/7Jx0Wa9SamgrS1fXTEfMWZDdlQU.roa
Signing time: Mon 01 Jan 2024 04:30:00 +0000
ROA not before: Mon 01 Jan 2024 04:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199070
IP address blocks: 91.242.171.0/24 maxlen: 24
91.242.170.0/24 maxlen: 24
91.242.170.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:29:71:96:be:65:16:4a:36:a5:32:04:28:71:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46af6ca33534b8530b9f214ec8ea93dd25bd1fcf
Validity
Not Before: Jan 1 04:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec9c7459af526a682b4b57d74c47cc5990dd9505
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fb:94:94:3b:9f:95:86:a5:0b:4a:61:3d:60:
ca:a9:1a:14:52:4b:90:af:7d:15:2d:be:86:d9:fe:
aa:d7:69:6f:90:0c:7d:74:ba:06:da:13:7d:72:9f:
cc:0c:15:6e:45:d1:96:b5:a0:eb:02:3f:44:7e:96:
91:7d:17:3d:6f:fc:3e:0e:df:eb:6d:3c:35:3a:dd:
d2:ac:d0:73:0c:70:6f:e4:05:63:64:d0:ad:6d:53:
47:47:c8:89:29:51:90:25:16:f4:ba:90:31:39:b7:
15:e4:cd:7a:bb:aa:b8:9f:2d:ee:e0:d5:be:43:f0:
c7:d0:ad:0b:a5:a7:29:db:b1:3e:c2:b8:32:c0:c3:
e0:16:24:7b:6a:fb:97:c6:d7:2c:8e:92:03:39:a7:
05:12:f8:69:a5:85:45:66:06:6d:c9:47:e1:cb:7d:
d6:89:73:52:38:6d:8d:42:d6:8f:cd:35:a5:99:69:
52:f2:09:af:67:5d:21:da:7c:f0:12:21:31:f7:20:
d3:28:c5:3a:a9:39:9f:60:84:c2:da:c3:ce:9c:f0:
a8:d1:27:59:13:39:49:74:68:0f:f1:77:a5:1b:6b:
e1:5c:e2:4b:03:5f:ab:cf:6c:47:3e:44:36:85:d3:
c7:a7:74:b7:db:30:c6:67:cf:95:3d:fa:4d:06:d0:
e0:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:9C:74:59:AF:52:6A:68:2B:4B:57:D7:4C:47:CC:59:90:DD:95:05
X509v3 Authority Key Identifier:
keyid:46:AF:6C:A3:35:34:B8:53:0B:9F:21:4E:C8:EA:93:DD:25:BD:1F:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rq9sozU0uFMLnyFOyOqT3SW9H88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8e80af-2d64-4784-8115-c5cefd98f621/1/7Jx0Wa9SamgrS1fXTEfMWZDdlQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8e80af-2d64-4784-8115-c5cefd98f621/1/Rq9sozU0uFMLnyFOyOqT3SW9H88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.170.0/23
Signature Algorithm: sha256WithRSAEncryption
60:5b:1b:05:9e:cb:bb:df:09:ef:93:10:71:b3:b0:ad:6f:85:
c9:90:72:19:9a:91:3f:a7:bc:45:7a:85:65:7a:50:8b:00:72:
89:72:e6:1a:a6:52:7f:2b:76:cc:af:04:0b:d4:84:af:a1:d3:
43:b4:10:f6:b9:68:d1:2f:58:83:7a:0e:90:79:67:34:00:b8:
0c:dd:2d:96:d9:f0:f3:83:e6:90:3c:06:35:d6:43:f0:c5:56:
45:c0:dd:05:eb:09:97:25:d6:92:96:67:a9:49:9e:eb:b0:8f:
07:51:6e:0f:c9:55:5f:51:e1:79:bc:6b:1f:a5:da:39:97:16:
65:83:9b:77:78:25:0f:49:33:eb:31:1f:b4:1a:c6:b1:af:81:
24:08:c3:8e:dc:b4:63:d6:a9:8d:b9:ad:71:7d:2d:79:86:95:
95:94:c5:03:fa:30:ff:1c:ac:49:97:7f:25:23:2e:15:d4:5e:
bf:90:a4:b9:69:ee:9e:5e:54:d2:4a:96:fd:58:4e:08:99:00:
23:be:44:98:3b:60:b1:30:95:f9:36:f7:e9:46:f1:99:4c:c6:
5c:64:f1:f3:91:0f:06:65:05:dc:45:f7:75:59:88:55:56:99:
5f:0f:52:36:a7:62:3a:8d:d7:59:b9:41:35:40:2f:03:a2:d3:
c2:83:c6:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSSlxlr5lFko2pTIEKHFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2YWY2Y2EzMzUzNGI4NTMwYjlmMjE0ZWM4ZWE5M2RkMjVi
ZDFmY2YwHhcNMjQwMTAxMDQzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzljNzQ1OWFmNTI2YTY4MmI0YjU3ZDc0YzQ3Y2M1OTkwZGQ5NTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvuUlDuflYalC0phPWDKqRoUUkuQ
r30VLb6G2f6q12lvkAx9dLoG2hN9cp/MDBVuRdGWtaDrAj9EfpaRfRc9b/w+Dt/r
bTw1Ot3SrNBzDHBv5AVjZNCtbVNHR8iJKVGQJRb0upAxObcV5M16u6q4ny3u4NW+
Q/DH0K0Lpacp27E+wrgywMPgFiR7avuXxtcsjpIDOacFEvhppYVFZgZtyUfhy33W
iXNSOG2NQtaPzTWlmWlS8gmvZ10h2nzwEiEx9yDTKMU6qTmfYITC2sPOnPCo0SdZ
EzlJdGgP8XelG2vhXOJLA1+rz2xHPkQ2hdPHp3S32zDGZ8+VPfpNBtDg9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOycdFmvUmpoK0tX10xHzFmQ3ZUFMB8GA1UdIwQY
MBaAFEavbKM1NLhTC58hTsjqk90lvR/PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnE5c296VTB1Rk1MbnlGT3lPcVQzU1c5SDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS84ZTgwYWYtMmQ2NC00Nzg0LTgxMTUt
YzVjZWZkOThmNjIxLzEvN0p4MFdhOVNhbWdyUzFmWFRFZk1XWkRkbFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS84ZTgwYWYtMmQ2NC00Nzg0LTgxMTUtYzVjZWZkOThmNjIx
LzEvUnE5c296VTB1Rk1MbnlGT3lPcVQzU1c5SDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW/KqMA0G
CSqGSIb3DQEBCwUAA4IBAQBgWxsFnsu73wnvkxBxs7Ctb4XJkHIZmpE/p7xFeoVl
elCLAHKJcuYaplJ/K3bMrwQL1ISvodNDtBD2uWjRL1iDeg6QeWc0ALgM3S2W2fDz
g+aQPAY11kPwxVZFwN0F6wmXJdaSlmepSZ7rsI8HUW4PyVVfUeF5vGsfpdo5lxZl
g5t3eCUPSTPrMR+0Gsaxr4EkCMOO3LRj1qmNua1xfS15hpWVlMUD+jD/HKxJl38l
Iy4V1F6/kKS5ae6eXlTSSpb9WE4ImQAjvkSYO2CxMJX5NvfpRvGZTMZcZPHzkQ8G
ZQXcRfd1WYhVVplfD1I2p2I6jddZuUE1QC8DotPCg8bT
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:59:50 2025 by rpki-client